Sophos helps businesses cope with the global threat landscape and comply with National Data Privacy Act.

How to secure your data and protect your business from cyber threats

(philstar.com) - June 18, 2018 - 10:37am

MANILA, Philippines — In light of recent data breaches and cyberattacks against businesses and institutions in both the public and private sector in the Philippines, the evolving global threat landscape, and the stricter enforcement of the National Data Privacy Act, Sophos, a global leader in network and endpoint security, highlights the need for organizations to update their IT systems and practices to better protect data.

According to Julius Suarez, Sophos’ manager for engineering for the ASEAN regions, it is a must for companies to constantly beef up their security practices to keep up with the increasing number of cyber security threats.

“With the growing incidences of ransomware, distributed-denial-of-service (DDOS) attacks, and cryptomining, among others, cybercrimes today are growing in frequency, ingenuity, and financial impact. Organizations should reevaluate their security to include predictive security technology that has the capabilities to get ahead of these painful and costly exploits, integrated network and endpoint protection that has the ability to halt advanced threats and contain isolated incidents before they become widespread, as well as advanced employee education,” he said.

With the Department of Information and Communications Technology declaring June as the National ICT Month in Philippines, Sophos has shared the following best practices to help organizations secure data better.

Patch early and often

Malware does not spread through a document, but it often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes that can be exploited.

Educate employees

Phishing remains an easy access route into organizations for today’s ransomware payloads and data breaches, with 41 percent of organizations seeing an attack on a daily basis. Organizations need to constantly educate their employees on the social engineering tactics attackers use to trick them into downloading malware. A service like the Phish Threat simulator automates the entire training process and provides visual analytics to identify vulnerable employees.

Upgrade firewalls

Network firewalls with traditional signature-based detection are no longer able to provide adequate visibility into application traffic due to a variety of factors such as the increasing use of encryption, browser emulation, and advanced evasion techniques. Network protection now needs to be able to exchange direct information with endpoint security in order to reveal who and what is lingering on your networks. Without such visibility, ransomware, unknown malware, data breaches and other advanced threats, as well as potentially malicious applications and rogue users can slip through the cracks and infect entire systems.

To help IT managers, Sophos is enabling them to have higher levels of network visibility through its XG Firewall solution that integrates deep learning and advanced threat protection technology to block sophisticated unknown threats like ransomware, cryptojacking, bots, worms, hacks, breaches and advanced persistent threats (APTs).

Always update endpoint protection

Traditional anti-virus solutions may no longer be enough. Cyberattacks today are becoming more sophisticated, adapting to — and eventually overcoming — traditional security defenses. To counter these, Sophos has developed Intercept X, which is equipped with deep learning capabilities to identify and block both known and unknown exploits before they can even cause any harm.

Deep learning is a branch of machine learning and artificial intelligence that leverages an artificial neural network to build a model used to make predictions with speed, scale and judgment that exceed human capabilities. The deep neural network of Intercept X is trained on hundreds of millions of samples to detect when a file is malicious, potentially unwanted, or legitimate. Deep learning is more effective than traditional machine learning approaches because of its larger scale training set, smaller model and more effective detections.

Back up, encrypt and strengthen password

There are dozens of ways other than ransomware that files can be lost, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands. Make use of password managers, which keep track of log-in details, and ensure passwords or passphrases are unique and strong.

“Combining predictive technologies, synchronized security, and employee awareness can help organizations stay ahead of today’s evolving threat landscape,” said Suarez. “These should be considered as investments not just in data security and privacy, but also in business productivity and efficiency, as well as protection from litigation and compliance issues.”

Newly-crowned WBA bantamweight champion Nonito Donaire Jr. said yesterday his next fight against WBO titlist Zolani Tete of South Africa will likely be held in Asia with Manila an option to host the World Boxing Super Series semifinal on the way to determining a unified ruler in the 118-pound division.

South Korea and the United States on Monday resumed small-scale military training that was indefinitely suspended following an historic summit between US President Donald Trump and North Korean leader Kim Jong Un.

President Xi Jinping on Monday will open a Shanghai import fair intended as a signal by China that its markets are open despite mounting criticism to the contrary and the worsening trade war with Washington.